DB: Oracle SYS.KUPW-WORKER Malformed Command
This signature detects attempts to exploit a known vulnerability against Oracle Server. A successful attack can lead to arbitrary code execution.
Extended Description
Various Oracle applications including Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, Oracle Pharmaceutical Applications, Oracle Enterprise Manager, Oracle PeopleSoft Enterprise, and JD Edwards EnterpriseOne are affected by multiple vulnerabilities. Oracle has released a Critical Patch Update advisory for July 2006 to address these vulnerabilities. This Critical Patch Update addresses the vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by the issues as well. These issues will be split into individual records when more information has been disclosed.
Affected Products
Oracle oracle10g_standard_edition
References
BugTraq: 19054
CVE: CVE-2006-3698
URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2006.html
Short Name
DB:ORACLE:SYS:KUPW-WORKER
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2006-3698 Command Malformed Oracle SYS.KUPW-WORKER bid:19054
Release Date
08/17/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
False Positive
Unknown
Vendors
Oracle
Peoplesoft
CVSS Score
10.0